Buffer overflow
Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...
Buffer overflow
Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...
Session fixation
Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6...
Code injection
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1527
Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0...
CVE-2023-1540 Observable Response Discrepancy in answerdev/answer
Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1536 Cross-site Scripting (XSS) - Stored in answerdev/answer
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7...
CVE-2023-1545 SQL Injection in nilsteampassnet/teampass
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23...
CVE-2023-1535 Cross-site Scripting (XSS) - Stored in answerdev/answer
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7...
CVE-2023-1543 Insufficient Session Expiration in answerdev/answer
Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1541 Business Logic Errors in answerdev/answer
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1539 Improper Restriction of Excessive Authentication Attempts in answerdev/answer
Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1538
CVE-2023-1538 is reported for the GitHub project answerdev/answer with an observable timing discrepancy prior to version 1.0.6. Multiple connected sources (NVD, GHSA, OSV, CNVD, CNVD) describe a user-enumeration-style issue originating in the login process, where valid vs invalid user checks diff...
CVE-2023-1536
CVE-2023-1536 describes a stored Cross-site Scripting (XSS) vulnerability in the GitHub repository answerdev/answer for versions prior to 1.0.7. The issue arises from user-supplied input being stored and subsequently reflected, enabling an attacker to execute script in an authenticated user’s co...
CVE-2023-1541
CVE-2023-1541 affects the open-source project answerdev/answer prior to version 1.0.6. The issue is a Business Logic Error arising from improper permission handling in the password-reset workflow (the /answer/admin/api/user/password path). An attacker with low privileges can modify the user_id pa...
CVE-2023-1540
CVE-2023-1540 concerns the open‑source knowledgebase app answerdev/answer prior to version 1.0.6. The vulnerability is described as an observable response discrepancy in the GitHub repository’s Answer before 1.0.6, enabling information disclosure during the password reset flow: an attacker could ...